| 1 |
On Friday 15 Apr 2016 09:48:47 Neil Bothwick wrote: |
| 2 |
|
| 3 |
> I have these entries in /etc/rkhunter.conf.local: |
| 4 |
> |
| 5 |
> ALLOWDEVFILE="/dev/shm/org.chromium.Chromium.shmem.*" |
| 6 |
> ALLOWDEVFILE="/dev/shm/pulse-shm-*" |
| 7 |
> ALLOWHIDDENFILE="/usr/share/man/man5/.k5identity.5.bz2" |
| 8 |
> ALLOWHIDDENFILE="/usr/share/man/man5/.k5login.5.bz2" |
| 9 |
> ALLOWHIDDENFILE="/usr/share/man/man5/.k5identity.5" |
| 10 |
> ALLOWHIDDENFILE="/usr/share/man/man5/.k5login.5" |
| 11 |
|
| 12 |
Thank you all for your advice. I have a couple of entries in my |
| 13 |
rkhunter.conf.local too, but not a wild card like "/dev/shm/pulse-shm-*". I |
| 14 |
was thinking that if I were a script kiddie, this could be easy picking if I |
| 15 |
wanted to place a malicious payload on a PC. |
| 16 |
|
| 17 |
-- |
| 18 |
Regards, |
| 19 |
Mick |
Archives